Items tagged with security

Yesterday evening, iPhone users may have been surprised to see multiple push notifications from Apple News containing a racist slur and other obscene language. The notifications were triggered by Fast Company’s Apple News account, prompting Apple News to disable the publication’s news channel. As it turns out, a... Read more...
Edward Snowden has gained Russian citizenship nine years after fleeing the United States and landing in Russia. On Monday, Russian president Vladimir Putin signed a decree granting citizenship to 75 foreigners residing in the country, with Snowden among them. Snowden, a former NSA contractor, publicly exposed the... Read more...
Threat analysis teams from two different cybersecurity firms, Cyderes and Stairwell, have published a joint report detailing a new ransomware technique that may be the next big evolution in ransomware. Rather than encrypting data on victims’ computers, ransomware may soon corrupt the data instead, rendering it... Read more...
Researchers at the cybersecurity firm ReasonLabs have discovered a credit card scam campaign estimated to have extracted tens of millions of dollars from tens of thousands of credit card holders. This scheme utilizes fake dating websites, a dedicated payment processor, and customer support services all created and... Read more...
According to a threat analysis by Palo Alto Networks' Unit 42, a deceptive phishing technique called domain shadowing is on the rise. It may even be more prevalent than previously assumed by information security experts. Between April 25 and June 27 of 2022, the company found that 12,197 domains were shadowed to... Read more...
Among the many features and devices announced at the Google I/O event in May of this year was a new feature for the Google app giving users the option to request that their personal information be removed from Google search results. The company told users at the time of the announcement that the feature would be made... Read more...
2K, the publisher of numerous video game series, including Borderlands, Civilization, and Bioshock, has issued a notice to warn customers that an unknown actor recently gained unauthorized access to its help desk platform. The threat actor in question abused this access to distribute malware by way of the 2K Games... Read more...
Last week, a massive security breach rocked Uber, with a teenage hacker claiming credit for the incident. Then, over the weekend, someone claiming to be this same hacker leaked Grand Theft Auto (GTA) 6 gameplay footage on the GTA forums. The developer of the GTA series, Rockstar Games, later confirmed the authenticity... Read more...
Researchers at Aqua Security have discovered cyberattacks that appear to have been conducted by TeamTNT, a threat actor previously thought to be defunct. The researchers encountered three different attacks, each of which looks to be new. One of these attacks, which the researchers have dubbed the “Kangaroo attack,” is... Read more...
The popular rideshare company Uber announced last evening that it was responding to a cybersecurity incident but didn’t provide any further details other than to say that the company was in contact with law enforcement. However, it didn’t take long for information regarding the incident to leak. An unknown threat... Read more...
YouTube is being used to distribute a novel bundle of malware but probably not in the way you'd expect. The videos promote cracks and cheats for several popular games, but links in the video description expose viewers to malware downloads. The malware itself propagates these videos by taking over user accounts to... Read more...
What would you do if you checked your bank account and found it had been unexpectedly padded with a quarter of a million dollars? Seems like a farfetched scenario, except it actually happened to a white-hat hacker, courtesy of Google. The search giant confirmed it mistakenly paid the hacker $249,999... Read more...
The Cyber Division of the US Federal Bureau of Investigation (FBI) has published a notice warning the healthcare industry of cyberattacks targeting healthcare payment processors. The attacks generally come in the form of phishing attacks that leverage employees’ publicly available Personally Identifiable Information... Read more...
Cybersecurity researchers at Proofpoint have been keeping tabs on an Advanced Persistent Threat (APT) known as TA453 and recently found the threat actor employing a phishing technique that makes use of sock puppet email accounts. Sock puppets are alternate accounts or personas used in a deceptive manner by a single... Read more...
The cybersecurity firm Group-IB published research today detailing how various threat actors are stealing Steam login credentials using browser windows. Specialists from the computer emegency response team at Group-IB (CERT-GIB) discovered over 150 phishing resources mimicking Steam in just the month of July. Steam... Read more...
Research conducted by a team at the firmware security firm Binarly reveals that six vulnerabilities remain unpatched in various enterprise-grade HP laptops and desktops despite HP having developed patches for these vulnerabilities. Binarly discovered three of these vulnerabilities last year and notified HP of their... Read more...
No matter how you pronounce it, GIFs are fun and entertaining for most people, and a mild annoyance for the rest. Unfortunately for users of Microsoft Teams, they are also a danger to their systems. A new malware known as GIFShell has surfaced, and the attack vector is Microsoft Teams. Found by Security researcher... Read more...
After introducing video end-to-end encryption (E2EE) for a subset of its wired doorbell and camera devices over a year ago, Ring has announced that it is now extending this capability to its wireless devices. While the company doesn’t specify in its announcement which of its battery-powered devices will support E2EE... Read more...
Scammers and fraudsters have been targeting YouTube creators with sophisticated email campaigns. The emails pose as legitimate notices from Google which claim to be a copyright report and possible strike against the channel. These include a Google Drive link to the purported report, which actually contains a malware... Read more...
The outdoor recreational apparel brand The North Face has reportedly been hit by a major credential stuffing attack. In a credential stuffing attack, threat actors take user login credentials exposed in unrelated data breaches and enter them into a targeted website or service. This form of cyberattack takes advantage... Read more...
Cybersecurity researchers from Palo Alto Networks’ Unit 42 have discovered a campaign exploiting multiple vulnerabilities in D-Link routers to spread botnet malware. A botnet is a network of compromised consumer or enterprise devices controlled by a threat actor to carry out malicious tasks, such as mining... Read more...
The international phenoms that are Minecraft and Roblox are practically ubiquitous in gaming today. The two games are available on multiple platforms including consoles, PC, and even mobile devices. Unfortunately, their significant popularity, especially amongst younger generations, makes them an excellent target for... Read more...
1 2 3 4 5 Next